# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = ['*']


CORS_ORIGIN_ALLOW_ALL = True  # 跨域配置
CORS_ALLOW_CREDENTIALS = True  # 跨域配置
CORS_ALLOW_METHODS = (
    'POST',
    'GET',
    'OPTIONS',
    'PATCH',
    'PUT',
    'DELETE'
)
CORS_ALLOW_HEADERS = (
    'X-CSRF-Token',
    'content-type',
    'x-csrftoken',
    'access-control-allow-headers',
    'oauth-token'
)

CSRF_COOKIE_NAME = "csrftoken"  # csrf配置
CSRF_HEADER_NAME = "HTTP_X_CSRFTOKEN"